grafeas / voucher

🎟 Voucher creates attestations for Binary Authorization
Apache License 2.0

Backport shopify/voucher#4 #80

Closed thepwagner closed 1 year ago

thepwagner commented 1 year ago

Port https://github.com/Shopify/voucher/pull/4 upstream.


The image manifest v2 allows returning a "manifest list", containing references to multiple manifests for distinct platforms. This is how a single image can represent multiple architectures.

Voucher should eventually support manifest lists, but doing so is a large refactor: many Manifest and ImageConfig objects become []Manifest and []ImageConfig.

This PR is aiming to "support" manifest lists rather quickly, by discarding all but a single target architecture (by default: linux/amd64, but it can be overridden by environment variables; I did not wire the configuration file through 🤢). This allows voucher to vouch for the linux/amd64 platform of multi-arch images.

~A similar change will be required for any systems that resolve these images to vouched digests at deploy time. Until that happens, these images will be vouch-able but not deploy-able.~ Other systems will query by image label, and get fallback behaviour from the registry.
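
The platform selection described in the PR description above, as an added Go example that is not voucher's code and not part of the pull request: it picks one platform's manifest out of a manifest list, fails closed when that platform is absent, and reports the digests it discarded, since those are the ones nothing gets vouched for. The environment variable names `EXAMPLE_TARGET_OS` and `EXAMPLE_TARGET_ARCH`, the function names, and the sample digests are assumptions constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
)

// Constructed sample manifest list; the digests are placeholders, not real images.
const sampleList = `{"mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", "manifests": [
 {"digest": "sha256:aaaa", "platform": {"architecture": "amd64", "os": "linux"}},
 {"digest": "sha256:bbbb", "platform": {"architecture": "arm64", "os": "linux"}}]}`

type manifestList struct {
	Manifests []struct {
		Digest   string `json:"digest"`
		Platform struct{ Architecture, OS string } `json:"platform"`
	} `json:"manifests"`
}

// envOr reads an override; the variable names passed in main are hypothetical.
func envOr(key, def string) string {
	if v := os.Getenv(key); v != "" {
		return v
	}
	return def
}

// SelectManifest returns the digest for osName/arch and the discarded digests.
func SelectManifest(raw []byte, osName, arch string) (string, []string, error) {
	var ml manifestList
	if err := json.Unmarshal(raw, &ml); err != nil {
		return "", nil, err
	}
	chosen, skipped := "", []string(nil)
	for _, m := range ml.Manifests {
		if chosen == "" && m.Platform.OS == osName && m.Platform.Architecture == arch {
			chosen = m.Digest
		} else {
			skipped = append(skipped, m.Digest) // never checked, never attested
		}
	}
	if chosen == "" { // fail closed rather than vouching for some other platform
		return "", skipped, fmt.Errorf("no manifest for %s/%s", osName, arch)
	}
	return chosen, skipped, nil
}

func main() {
	fmt.Println(SelectManifest([]byte(sampleList), envOr("EXAMPLE_TARGET_OS", "linux"), envOr("EXAMPLE_TARGET_ARCH", "amd64")))
}
```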

dani-santos-code commented 1 year ago

> ⚠️ We do not intend to send this functionality to https://github.com/grafeas/voucher ; we'll use this fork until full manifest list support is added (probably 1-2 months)

I guess this came from the other PR? Since the changes were introduced in Nov 2021, I believe it's been widely tested and we're safe to port them over?

thepwagner commented 1 year ago

Yep! Sorry, I just copy/pasted the old PR description, I'll remove that part ✂️.